You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ofbiz.apache.org by jl...@apache.org on 2009/11/12 00:38:05 UTC
svn commit: r835161 -
/ofbiz/trunk/framework/security/src/org/ofbiz/security/OFBizSecurity.java
Author: jleroux
Date: Wed Nov 11 23:38:05 2009
New Revision: 835161
URL: http://svn.apache.org/viewvc?rev=835161&view=rev
Log:
A simple fix to avoid NPE in grovvy scripts, from Jeremy Wickersheimer at "Possible NPE in security check" (https://issues.apache.org/jira/browse/OFBIZ-3160) - OFBIZ-3160
Modified:
ofbiz/trunk/framework/security/src/org/ofbiz/security/OFBizSecurity.java
Modified: ofbiz/trunk/framework/security/src/org/ofbiz/security/OFBizSecurity.java
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/security/src/org/ofbiz/security/OFBizSecurity.java?rev=835161&r1=835160&r2=835161&view=diff
==============================================================================
--- ofbiz/trunk/framework/security/src/org/ofbiz/security/OFBizSecurity.java (original)
+++ ofbiz/trunk/framework/security/src/org/ofbiz/security/OFBizSecurity.java Wed Nov 11 23:38:05 2009
@@ -130,9 +130,13 @@
* @see org.ofbiz.security.Security#hasEntityPermission(java.lang.String, java.lang.String, javax.servlet.http.HttpSession)
*/
public boolean hasEntityPermission(String entity, String action, HttpSession session) {
+ if (session == null) {
+ return false;
+ }
GenericValue userLogin = (GenericValue) session.getAttribute("userLogin");
-
- if (userLogin == null) return false;
+ if (userLogin == null) {
+ return false;
+ }
return hasEntityPermission(entity, action, userLogin);
}